TU Darmstadt / ULB / TUbiblio

Dynamic Anomaly Detection for More Trustworthy Outsourced Computation

Alsouri, Sami ; Sinschek, Jan ; Sewe, Andreas ; Bodden, Eric ; Mezini, Mira ; Katzenbeisser, Stefan (2012)
Dynamic Anomaly Detection for More Trustworthy Outsourced Computation.
15th International Conference on Information Security. Passau, Germany (19-21 Sep 2012)
doi: 10.1007/978-3-642-33383-5_11
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

A hybrid cloud combines a trusted private cloud with a public cloud owned by an untrusted cloud provider. This is problematic: When a hybrid cloud shifts computation from its private to its public part, it must trust the public part to execute the computation as intended. We show how public-cloud providers can use dynamic anomaly detection to increase their clients’ trust in outsourced computations. The client first defines the computation’s reference behavior by running an automated dynamic analysis in the private cloud. The cloud provider then generates an application profile when executing the outsourced computation for its client, persisted in tamper-proof storage. When in doubt, the client checks the profile against the recorded reference behavior. False positives are identified by re-executing the dubious computation in the trusted private cloud, and are used to re-fine the description of the reference behavior. The approach is fully automated. Using 3,000 harmless and 118 malicious inputs to different Java applications, we show that our approach is effective. In particular, different characterizations of behavior can yield anything from low numbers of false positives to low numbers of false negatives, effectively trading trustworthiness for computation cost in the private cloud.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2012
Autor(en): Alsouri, Sami ; Sinschek, Jan ; Sewe, Andreas ; Bodden, Eric ; Mezini, Mira ; Katzenbeisser, Stefan
Art des Eintrags: Bibliographie
Titel: Dynamic Anomaly Detection for More Trustworthy Outsourced Computation
Sprache: Englisch
Publikationsjahr: 26 August 2012
Buchtitel: Information Security
Reihe: Lecture Notes in Computer Science
Band einer Reihe: 7483
Veranstaltungstitel: 15th International Conference on Information Security
Veranstaltungsort: Passau, Germany
Veranstaltungsdatum: 19-21 Sep 2012
DOI: 10.1007/978-3-642-33383-5_11
Kurzbeschreibung (Abstract):

A hybrid cloud combines a trusted private cloud with a public cloud owned by an untrusted cloud provider. This is problematic: When a hybrid cloud shifts computation from its private to its public part, it must trust the public part to execute the computation as intended. We show how public-cloud providers can use dynamic anomaly detection to increase their clients’ trust in outsourced computations. The client first defines the computation’s reference behavior by running an automated dynamic analysis in the private cloud. The cloud provider then generates an application profile when executing the outsourced computation for its client, persisted in tamper-proof storage. When in doubt, the client checks the profile against the recorded reference behavior. False positives are identified by re-executing the dubious computation in the trusted private cloud, and are used to re-fine the description of the reference behavior. The approach is fully automated. Using 3,000 harmless and 118 malicious inputs to different Java applications, we show that our approach is effective. In particular, different characterizations of behavior can yield anything from low numbers of false positives to low numbers of false negatives, effectively trading trustworthiness for computation cost in the private cloud.

Freie Schlagworte: Cloud security, dependability, dynamic analysis, anomaly detection, hybrid clouds
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik > Security Engineering
20 Fachbereich Informatik > Softwaretechnik
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > EC SPRIDE > Secure Software Engineering
20 Fachbereich Informatik > EC SPRIDE
20 Fachbereich Informatik
Zentrale Einrichtungen
LOEWE
LOEWE > LOEWE-Zentren
Hinterlegungsdatum: 12 Sep 2012 14:49
Letzte Änderung: 05 Mär 2013 10:02
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen